In 2019, the API pioneers like SalesForce, Twitter, Facebook, Instagram, Twilio, SendGrid, Slack, and others are still relevant, but it feels like API storytelling is continuing it’s migration towards the enterprise. Stories of building an agile, scrappy startup using APIs isn’t as compelling as they used to be. They are being replaced by stories of existng enterprise groups become more innovative, agile, and competitive in a fast changing digital business landscape. The technology of APIs, the business of APIs, and the stories that matter around APIs have all been caught up in the tractor beam of the enterprise. In 2010, you did APIs if you were on the edge doing a startup, but by 2013 the enterprise began tuning into what is going on, by 2016 the enterprise responded with acquisitions, and by 2018 we are all selling and talking to the enterprise about APIs.
90% of what you are being told about AI, Blockchain, and automation right now isn’t truthful. It is only meant allocate space in your imagination, so that at the right time you can be sold something, and distracted while your data, privacy, and security can be exploited, or straight up swindled out from under you.
Much like the Internet’s inability to shake its military origins and use as a surveillance apparatus, I think the blockchain will never be able to shake its roots in a zero trust environment. Which requires a massive amount of faith in mathematics (not humans), and belief in the distributed nature of the web (which isn’t real).
For me, as an adult, I live on a new diet. I don’t fear the world around me. I know that most people are good, and work to expose those who wish to hurt us. I see the Russian propaganda machine for what it is. I see the web as a tool born of military origins, and being used to deliver misinformation. I question every fearful tale that I’m told, then venture out into the world to gather facts, learn from opposing perspectives, and push myself to learn each day. I wont stay isolated again, allowing my reality to be crafted by the fearful people around me. I’m in charge of crafting my own reality, and encouraging our children to do the same. I’m not letting their reality be dictated by people they grew up with–including me. Everyone should venture out into the world, and craft their own reality. One rooted in reality, and not just fear.
This is one of my talks from APIDays Paris 2018. Here is the abstract: The modern API toolbox includes a variety of standards and methodologies, which centers around REST, but also includes Hypermedia, GraphQL, real time streaming, event-driven architecture , and gRPC. API design has pushed beyond just basic access to data, and also can be about querying complex data structures, providing experience rich APIs, real-time data streams with Kafka and other standards, as well as also leveraging the latest algorithms and providing access to machine learning models. The biggest mistake any company, organization, or government agency can do is limit their API toolbox to be just about REST.
A Programmatic Interface
Application is about applying the digital resources made available via a programmatic interface.
Transport versus Influence
Looking back I wish we had spent more time thinking about how we were using the web as a transport, as well as the influence of industry and investment interests, but maybe it wasn’t possible as the web was still so new.
REST versus RPC
RESTafarians prefer that API providers properly define their approach, while many RPC providers could care less about labels, and are looking to just get the job done. Making XML and JSON RPC a very viable approach to doing APIs, something that still persists almost 20 years later.
REST is a philosophy, and much like microservices, provides us with a framework to think about how we put our API toolbox to work, but isn’t something that should blind us from the other tools we have within our reach.
CSV as a data format represents an anchor for the lowest common denominator for API access. As a developer, it won’t be the data format I personally will negotiate, but as a business user, it very well could mean the difference between using an API or not.
Our toolbox needs to still allow for us to provide, consume, validate, and transform XML.
API Query Language
There are trade offs with deciding to use an API query language, but in some situations it can make the development of clients much more efficient and agile, depending on who your audience is, and the resources you are looking to make available.
Webhooks are the 101 level of event-driven API architecture for API providers. It is where you get started trying to understand the meaningful events that are occurring via any platform.
Websub represents the many ways we can orchestrate our API implementations using a variety of content types, push and pull mechanisms, all leveraging web as the transport.
Server-sent events (SSE) is a technology where a browser receives automatic updates from a server via a sustained HTTP connection, which has been standardized as part of HTML5 by the W3C.
WebSocket is a different TCP protocol from HTTP, but is designed to work over HTTP ports 80 and 443 as well as to support HTTP proxies and intermediaries, making it compatible with the HTTP protocol.
As with other RPC approaches, gRPC is based around the idea of defining a service, specifying the methods that can be called remotely with their parameters and return types.
Kafka has moved out of the realm of HTTP, using a binary protocol over TCP, defining all APIs as request response message pairs, using its own messaging format. Each client initiates a socket connection and then writes a sequence of request messages and reads back the corresponding response message–no handshake is required on connection or disconnection.
One thing I’ve learned over the years while building my API toolbox is the importance of headers, and they are something that have regularly been not just about HTTP headers, but the more general usage of network networks.
Mixed Message Formats
In my world, there will always be a mixed of known and unknown message formats, something that I will always work to tame, as well as be increasingly apply machine learning models to help me identify, evolve, and make sense of–standardizing things in any way I possibly can.
So another step in our self care is to be gentle with ourselves. Depression is beating up on us already, and we don’t need to help it out. Give yourself permission to acknowledge that you’re feeling terrible (or bad, or whatever it is you are feeling), and then do a little thing, just one single thing, that you probably don’t feel like doing, and I PROMISE you it will help. Some of those things are:
- Take a shower.
- Eat a nutritious meal.
- Take a walk outside (even if it’s literally to the corner and back).
- Do something — throw a ball, play tug of war, give belly rubs — with a dog. Just about any activity with my dogs, even if it’s just a snuggle on the couch for a few minutes, helps me.
- Do five minutes of yoga stretching.
- Listen to a guided meditation and follow along as best as you can.
Finally, please trust me and know that this shitty, awful, overwhelming, terrible way you feel IS NOT FOREVER. It will get better. It always gets better. You are not alone in this fight, and you are OK.
On a side note, I really enjoyed Kin Lane’s recent post on choosing to ‘seize the day’ and not be overrun by fear.
Each day I am able to seize the widest possible definition of my day that I can. Across multiple cities, states, or countries if I so choose. I do this without being shot. I do this without the financial system crumbling around me, or the government invading my home. I do this without any brown person hurting me or taking my job. I do this without dying of cancer received from being scanned at the airport. Why is it that I’m able to move around so freely? What makes it so that I can seize the day without a gun on my side, or within arms reach? It is because I’ve chosen to seize the day from the fears I’ve been programmed with in the past, and from the possible futures these fears can dream up. I’ve seized the day for me. Not for what might be. It is my day. I get to decide. I get to enjoy it to its fullest, without any concern for tomorrow.
Nobody ever told me there were hidden columns in the spreadsheet. Once I begun spending more time outside of my comfort zone, beyond where all spreadsheets were the same, and started looking over the shoulder of my partners spreadsheet, and other friends, I started noticing they had different columns, or entirely different spreadsheets. I had never noticed the male harassment column until I started watching my partners spreadsheet on a regular basis. I never really considered the calculations she had to make walking home from the bar after a conference, or how she would receive entirely different responses for exact same criticism about technology. I could say something and nobody would feel the need to tell me I was wrong, but if she said the same thing, 20 dudes would come out of the woodwork to let her know how out of line she was. She had a bunch of columns in her spreadsheet that I had never seen before.
We are all already within a spreadsheet
I struggle calling this a lifecycle, as most of these do not occur in any sort of linear fashion. This is why I’m resorting to using the API Transit approach, as it is something that reflects the ever-changing, but also hopefully eventually more consistent nature of delivering microservices. Ideally, every microservice passes through each of these stops in a consistent fashion, making sure that they operate in concert with a larger API platform strategy. However, I know what the reality on the ground is, and know that not all of these relevant to each organization I am talking with, requiring me to trim down and change the order in which I present these.